Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/df0e11-593a-4ee4-8dcf-ab3081b2aba4/1/k97e5cWtuJEz0LC0TXVGlA7_-c4.roa
File: k97e5cWtuJEz0LC0TXVGlA7_-c4.roa (raw, json)
Hash identifier: 0kXWvClSSuwbWM0KLu1drO5P9HVIjClRGcwNE/n5x1E=
Subject key identifier: 93:DE:DE:E5:C5:AD:B8:91:33:D0:B0:B4:4D:75:46:94:0E:FF:F9:CE
Certificate issuer: /CN=77c6fb655461d73fcf21e8612c318706a089a5c2
Certificate serial: 018CC3492C30D89270EF34E296B0449B5134
Authority key identifier: 77:C6:FB:65:54:61:D7:3F:CF:21:E8:61:2C:31:87:06:A0:89:A5:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d8b7ZVRh1z_PIehhLDGHBqCJpcI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/df0e11-593a-4ee4-8dcf-ab3081b2aba4/1/k97e5cWtuJEz0LC0TXVGlA7_-c4.roa
Signing time: Mon 01 Jan 2024 04:30:01 +0000
ROA not before: Mon 01 Jan 2024 04:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206893
IP address blocks: 185.172.230.0/24 maxlen: 24
185.172.229.0/24 maxlen: 24
185.172.228.0/24 maxlen: 24
2a0b:81c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 17 Feb 2024 03:41:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:2c:30:d8:92:70:ef:34:e2:96:b0:44:9b:51:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77c6fb655461d73fcf21e8612c318706a089a5c2
Validity
Not Before: Jan 1 04:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=93dedee5c5adb89133d0b0b44d7546940efff9ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:26:5a:48:70:72:1e:ca:cd:9b:7d:ca:0a:98:
98:e3:a7:e6:aa:8b:e8:14:1e:80:9a:14:07:79:02:
59:37:f8:67:00:b7:db:d8:f6:12:95:2a:e4:d4:fc:
8f:a7:4a:c8:63:25:56:11:e7:ca:cd:94:2e:d6:a3:
23:3c:9e:9c:8f:82:af:b6:28:47:a6:56:e6:10:48:
bc:6a:3c:c3:aa:ba:cf:61:b9:4d:b9:96:9c:1c:77:
55:7b:fb:f6:cd:ec:c6:94:9e:48:df:50:d0:68:5d:
f6:29:39:6a:8c:3e:44:95:7b:53:a4:b8:ed:e0:67:
58:82:72:0f:cc:de:2e:87:e9:7b:13:e2:e9:88:9c:
ea:65:54:88:95:66:86:56:1d:9f:28:b8:39:39:4a:
9a:5d:48:9e:d8:cd:4b:09:7a:26:ac:aa:ac:12:8f:
a8:f3:85:de:b1:1e:5c:87:d1:06:2c:4b:09:14:7c:
2e:a5:42:6a:f0:34:b6:4c:56:84:f5:f3:97:b5:a2:
99:53:1f:dd:44:31:b9:f0:fb:5b:29:14:98:28:2a:
45:08:73:35:59:ee:80:02:c5:f9:ff:08:dd:f0:87:
b8:83:05:3e:13:e4:78:34:2d:1a:17:fa:52:b9:bf:
ff:3d:c1:db:62:ce:a4:70:8b:fb:74:36:08:5e:34:
25:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:DE:DE:E5:C5:AD:B8:91:33:D0:B0:B4:4D:75:46:94:0E:FF:F9:CE
X509v3 Authority Key Identifier:
keyid:77:C6:FB:65:54:61:D7:3F:CF:21:E8:61:2C:31:87:06:A0:89:A5:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8b7ZVRh1z_PIehhLDGHBqCJpcI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/df0e11-593a-4ee4-8dcf-ab3081b2aba4/1/k97e5cWtuJEz0LC0TXVGlA7_-c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/df0e11-593a-4ee4-8dcf-ab3081b2aba4/1/d8b7ZVRh1z_PIehhLDGHBqCJpcI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.228.0-185.172.230.255
IPv6:
2a0b:81c0::/29
Signature Algorithm: sha256WithRSAEncryption
85:78:46:99:da:bc:c3:dc:ca:ec:d6:58:58:bf:20:5a:f4:be:
42:d7:5e:3b:c9:03:b5:fc:ca:3c:e1:cd:47:bb:6a:10:bb:8f:
b0:fb:97:eb:33:31:d1:09:06:17:85:8e:ac:73:e0:54:7b:f0:
b5:1e:c1:0a:69:fa:38:1b:b0:4f:f1:5d:ab:75:e1:fb:61:fd:
0d:87:90:f4:bf:c6:ef:bc:e8:8c:85:b0:1d:08:f3:72:b8:b0:
57:6b:49:a5:52:70:8d:7d:f7:39:42:eb:41:96:b9:a2:48:c4:
f1:1f:1e:71:4e:0a:46:e7:58:b7:8c:3d:10:8e:8a:0c:a3:d0:
9d:1f:de:b5:e9:fb:e9:eb:bc:ca:04:39:7b:be:16:22:b6:35:
c3:67:aa:b1:9f:03:e3:22:7c:5b:fd:04:82:97:12:0c:06:5a:
09:bc:7b:4f:3e:e9:78:2f:2b:c1:1a:31:f1:59:3e:c8:0c:b4:
36:75:86:aa:0f:b4:0e:c3:98:3b:e5:ef:fd:fd:aa:2a:e2:73:
8b:87:a8:db:73:86:2f:e3:63:55:87:74:d6:9b:50:bc:8b:3b:
60:3b:9b:13:8c:0f:f0:1e:b7:a4:9e:35:e2:49:79:c9:b4:08:
44:c1:df:b5:0a:3b:47:17:26:8a:0c:64:93:da:e8:f4:9b:81:
28:bd:a6:fa
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzDSSww2JJw7zTilrBEm1E0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YzZmYjY1NTQ2MWQ3M2ZjZjIxZTg2MTJjMzE4NzA2YTA4
OWE1YzIwHhcNMjQwMTAxMDQzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2RlZGVlNWM1YWRiODkxMzNkMGIwYjQ0ZDc1NDY5NDBlZmZmOWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmiZaSHByHsrNm33KCpiY46fmqovo
FB6AmhQHeQJZN/hnALfb2PYSlSrk1PyPp0rIYyVWEefKzZQu1qMjPJ6cj4KvtihH
plbmEEi8ajzDqrrPYblNuZacHHdVe/v2zezGlJ5I31DQaF32KTlqjD5ElXtTpLjt
4GdYgnIPzN4uh+l7E+LpiJzqZVSIlWaGVh2fKLg5OUqaXUie2M1LCXomrKqsEo+o
84XesR5ch9EGLEsJFHwupUJq8DS2TFaE9fOXtaKZUx/dRDG58PtbKRSYKCpFCHM1
We6AAsX5/wjd8Ie4gwU+E+R4NC0aF/pSub//PcHbYs6kcIv7dDYIXjQlfwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJPe3uXFrbiRM9CwtE11RpQO//nOMB8GA1UdIwQY
MBaAFHfG+2VUYdc/zyHoYSwxhwagiaXCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDhiN1pWUmgxel9QSWVoaExER0hCcUNKcGNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9kZjBlMTEtNTkzYS00ZWU0LThkY2Yt
YWIzMDgxYjJhYmE0LzEvazk3ZTVjV3R1SkV6MExDMFRYVkdsQTdfLWM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9kZjBlMTEtNTkzYS00ZWU0LThkY2YtYWIzMDgxYjJhYmE0
LzEvZDhiN1pWUmgxel9QSWVoaExER0hCcUNKcGNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAK5rOQD
BAC5rOYwDQQCAAIwBwMFAyoLgcAwDQYJKoZIhvcNAQELBQADggEBAIV4RpnavMPc
yuzWWFi/IFr0vkLXXjvJA7X8yjzhzUe7ahC7j7D7l+szMdEJBheFjqxz4FR78LUe
wQpp+jgbsE/xXat14fth/Q2HkPS/xu+86IyFsB0I83K4sFdrSaVScI199zlC60GW
uaJIxPEfHnFOCkbnWLeMPRCOigyj0J0f3rXp++nrvMoEOXu+FiK2NcNnqrGfA+Mi
fFv9BIKXEgwGWgm8e08+6XgvK8EaMfFZPsgMtDZ1hqoPtA7DmDvl7/39qiric4uH
qNtzhi/jY1WHdNabULyLO2A7mxOMD/Aet6SeNeJJecm0CETB37UKO0cXJooMZJPa
6PSbgSi9pvo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:44 2024 by rpki-client on console-fra.rpki-client.org